Skip to content

Instantly share code, notes, and snippets.

@pascaldulieu

pascaldulieu/LetsEncrypt reverse proxy with docker.md

Last active December 3, 2019 00:33
Show Gist options
  • Save pascaldulieu/343c014f28457df7aa21c41f824915f3 to your computer and use it in GitHub Desktop.
Save pascaldulieu/343c014f28457df7aa21c41f824915f3 to your computer and use it in GitHub Desktop.
Download ZIP
a derps guide to setting up a reverse proxy with certs in docker for derps
Raw
LetsEncrypt reverse proxy with docker.md

This guide is designed for people like myself who seem to find all guides on LetsEncrypt reverse proxies to be like this or any of this

This will cover portainer setup and eventually standarderd CLI only setup

With Portainer

  1. Get onto Linux system
  2. Install docker-ce
  3. Install Portainer
docker volume create portainer_data
docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
  1. create a new network for docker for your reverse proxy stuff to sit on
docker network create NAME
  1. Set up portainer and login
  2. go to Volumes and create a new volume named something liek letsencrypt_config
  3. Go to container list and Add a comtainer

Name: letsencrypt

Image Configuration

Name: linuxserver/letsencrypt

Registry: DockerHyb

Alwasy pull the image: On

Ports:

  • 443 - TCP
  • 80 - TCP

Advanced Container settings

Volumes:

  • Container: /config - Volume
  • Volume - letsencrypt_config (or whatever you named yours) - Writable

Network:

  • Network: Whatever you named your network on step 3

Env: (foo:bar so name:value)

  • EMAIL:your domain email
  • URL:DOMAIN.TLD
  • SUBDOMAINS:domains,listed,here

Restart Policy:

  • Unless stopped. This will always reboot the container if it shuts down unless you are the one to stop it.

Now click that Deply the container button

Click the container and then click logs, if it says Server ready after its finished setting up the certs you've set your env's peoperly, if it bitches about it not being able to auth or whatever go check your ports are open for 80 and 443 for that system and that you have entered the right domain and subdomain and then restart the container and watch the logs again.

Thats it for the setup on letsencrypt

so when you are deploying anything from now on and you want that service to be accessable from the reverse proxy you will need to set the network to the revse proxy network so it can talk to it

I'm going to use plex on this example and all of the prebuilt stuffs will work the same way

  1. so once its up and running and you have say plex running aswell in in the same network area click on your lets encrypt conainer and then click console then connect

  2. CD To /config/nginx/proxy-confs

this is covering how to do a subdomain reverse proxy so if you want to do your.domain.tld/plex then idk, but im sure its basically the same setup?

  1. do a cp plex.subdomain.conf.sample plex.subdomain.conf
  2. do a vi plex.subdomain.conf and edit line 32 proxy_pass https://$upstream_plex:32400; to proxy_pass https://HOSTIP:32400;
  3. and then reboot your letsencrypt container and tadaa you can now access your plex from plex.domain.tld

I'll add how to do the subfolders when i figure it out and how to do all of this via CLI only when i can be bothered to do that myself

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment